You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2012/04/18 08:49:55 UTC
DO NOT REPLY [Bug 53098] New: mod_proxy_ajp: patch to set worker
secret passed to tomcat
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
Bug #: 53098
Summary: mod_proxy_ajp: patch to set worker secret passed to
tomcat
Product: Apache httpd-2
Version: 2.2.22
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy_ajp
AssignedTo: bugs@httpd.apache.org
ReportedBy: dab18@izhnet.ru
Classification: Unclassified
Created attachment 28630
--> https://issues.apache.org/bugzilla/attachment.cgi?id=28630
adding "secret" proxypass option
apache httpd config:
ProxyPass /test ajp://localhost:8009/test secret=123
tomcat config:
<Connector protocol="AJP/1.3" requiredSecret="123" ... />
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
--- Comment #2 from Dmitry <da...@gmail.com> ---
example of more secure configuration.
main apache virtualhost file (world readable):
...
ProxyPass /test ajp://localhost:8009/test
#Include must be after ProxyPass
Include ajp_secrets.include
...
contents of ajp_secrets.include (only root readable):
...
ProxySet ajp://localhost:8009/test secret=123
...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
--- Comment #1 from Jacob Champlin <ja...@gmail.com> ---
Voting for this bug because this is the only way to prevent someone from
constructing a ajp request and sending it with a invalid username to a tomcat
server. This module should support this.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
Jacob Champlin <ja...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jacob.champlin@gmail.com
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
kmclaugh@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kmclaugh@gmail.com
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |PatchAvailable
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53098] mod_proxy_ajp: patch to set worker secret passed to
tomcat
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53098
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #28630|0 |1
is patch| |
Attachment #28630|application/octet-stream |text/plain
mime type| |
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org